Describe the internal control principle of “Risk Assessment”
Part 1
Describe the internal control principle of “Risk Assessment” as presented in COSO’s 2013 Framework, SOX 2002 Sections 404 & 302, and PCAOB’s AS 5.
Compare the internal control effectiveness of the Internal Control-Integrated Framework issued by COSO, the Sarbanes-Oxley Act of 2002, Section 404 “Internal Control over Financial Reporting Requirements”, and PCAOB’s AS 5 “an Audit of Internal Control over Financial Reporting that is integrating with an Audit of Financial Statements.”
Part 2
Read the article “Sarbanes-Oxley and Public Reporting on Internal Control: Hasty Reaction or Delayed Action?”. Do you agree with the authors that the COSO 1992 Framework and SOX 2002 Section 404 succeeded in changing the ways companies thought of internal controls over risk assessment? Why or why not?
Requirements: 2 Pages